Vulnerabilities > CVE-2002-1970 - Unspecified vulnerability in Snortcenter 0.9.5

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
snortcenter

Summary

SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.

Vulnerable Configurations

Part Description Count
Application
Snortcenter
1